Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2017-1000092
Vulnerability from cvelistv5
Published
2017-10-04 01:00
Modified
2024-08-05 21:53
Severity ?
EPSS score ?
Summary
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/100435 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://jenkins.io/security/advisory/2017-07-10/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100435 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2017-07-10/ | Vendor Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:53:06.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100435",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100435"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-08-22T00:00:00",
"datePublic": "2017-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-04T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "100435",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100435"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.312285",
"ID": "CVE-2017-1000092",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100435"
},
{
"name": "https://jenkins.io/security/advisory/2017-07-10/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000092",
"datePublished": "2017-10-04T01:00:00",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-08-05T21:53:06.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.1.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"DB4E4FC0-7580-4FBB-A139-797A60357EB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.2.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"677080D2-F865-4F8E-A950-690C063E8078\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.3.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"46B3B5C9-5D20-4D53-921E-160B1ABB338C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.4.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"67C09409-E8DF-4174-B276-3C09DAB8CCD3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.5.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"AFA7DF0D-10B2-42E8-A721-601A47CB8E7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.6.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"819379AD-978B-498B-98FC-ACD7BB0426FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.7.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"16A1E997-1499-45EA-9DE4-9E30A071957A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.7.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"2A50E52B-25F2-41CA-98AA-FAB65AB993FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.7.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"E0F1D344-77AC-4FB0-A12A-3E03CCB34E3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.7.3:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"B7754A95-AF91-49EF-8965-7E63AB1CCAFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.8.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1F589112-DEFC-4BC8-81A7-72DD2BC1FA0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.8.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"3CBF17E0-B324-49C0-AD5C-141D456CCC28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.8.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"D41DA62C-75DC-46BC-B300-46EDDDCF456A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.9.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"AFB68276-8776-4293-A762-5B2FE1862892\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.9.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"7FBCE99F-BF42-4126-8CCC-93927427293E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:0.9.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"A8022A06-6A26-4BD4-82D5-C31E944B5425\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.0.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"8F3F756A-02CC-4680-9C4D-B8913F54078F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.0.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1B09D69F-639C-43BA-856F-A0B61E43D66B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"A3298505-24F3-4335-9257-9FE6208B14FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"4526FCB4-1CFB-48A8-84AF-65267A1AF61E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"0606E95F-66B8-4FE9-8B9E-0D110E3C0380\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.3:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"345AF76C-A05F-477E-96DA-D81E55F51397\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.4:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"4E619E21-218E-42E9-8B49-55ED5B6D1707\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.5:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"365AE461-27A5-4027-B3FB-911D073CDF76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.6:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"323964F0-4A7A-4C78-BF55-3536682501C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.7:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"63A0EF35-CF43-4025-BDF0-782D995BDA13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.8:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"99A5279C-041F-4E4F-916E-FA3C7E337095\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.9:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"54805166-D56E-47BE-8ED6-3934C7D37573\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.10:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"F488A22E-32B4-4F48-9147-39A08868D21C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.11:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"2035150A-915D-4A3D-9E31-A07A26419347\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.12:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"FF7D4054-7393-4797-B029-218D6346F05B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.13:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"F3180557-DB1A-4DF1-A1A2-CAC7953A55D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.14:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"0BA98018-F0DD-4338-9892-AA1B5F336A01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.15:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"8463B4B8-F656-47C3-86DA-572C3C6C26F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.16:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"4ABD72A1-3802-432F-82B9-8620DEBF9736\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.17:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"F3758A9E-63E3-4D19-87F2-DD9EAE3805EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.18:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"15969DE6-CEF4-4E11-89C2-CA16A9EFA62A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.19:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"142BCBAC-8779-4CAF-8B40-BBDFC655CC32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.20:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"3C1EC783-A402-48A6-8EC4-354009927118\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.21:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"18C6971D-A64A-40E7-8699-319FB9C5C012\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.22:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"00D49A22-8E40-4D90-9637-3983EE5A00D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.23:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1BBC99C6-A757-4F50-B8D8-06E2D184F802\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.24:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"BAD742A3-0968-4125-8470-A606EF704EA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.25:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"8E1AA9C6-9298-4194-9E2B-1239CF5340F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.26:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"223A2980-F9B1-4487-A722-E5EB1C490A6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.27:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"04662411-8E1B-4475-9775-5486AFEA8CA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.28:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"E216DB21-0479-43A9-92E3-E8B7DD21D98D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.1.29:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"9E0AC53B-F90C-4A43-B5DD-3AAD55A36668\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.2.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"CDF0EE94-AB3B-4A53-B681-AEFD1B25CFC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.3.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"676B8587-D103-4289-AAE7-AEC669901348\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.4.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"52790BF9-338F-48E0-8589-8B12CD841577\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.5.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"C89707D1-2517-414D-B4B8-7458F87C527D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:1.6.0:beta-1:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"DDE9A7CC-4941-4C6B-8C9E-E4FDC6A857C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.0.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"C3A56B14-5584-42D2-B612-D62B064806AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.0.0:alpha-1:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"93E6C099-AA06-405D-8711-657D83962EC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.0.0:alpha-2:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"00FB7EF8-0ED4-49EC-A43E-FE774B495656\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.0.0:beta-2:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"23F164E6-F9E1-4A3F-A3BC-48B2537DBA68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.0.0:beta-3:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"76FDF0F0-F6E9-49EE-9BC7-2BFA59E970B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.0.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"084E37A1-4446-44C7-845A-CCEA77A6CF6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.0.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"23971890-1FD6-49AF-B14D-3435B05EAE51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.0.3:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"E321BB4A-CD62-47A5-8E41-28B2FAD72DFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.0.4:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1DFDB0FE-F09B-46ED-8595-D673DCE03250\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.1.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"09CFCF17-D7ED-4F0B-95F6-21ECAF4DBAC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"612D9AC8-996C-4AB2-9221-57A735A757CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"C9D2156A-2461-45D7-BFDA-48E1A1607042\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"2D0960CF-E96D-4750-93C3-A6BDE67E4534\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.3:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"30C24C33-FEFF-47DC-A608-646F3D64B260\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.4:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"4A9A2E1B-5803-418A-8A40-674711037117\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.5:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1C5AB485-17A4-4525-9D32-8032B0414DB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.6:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"2E86B79A-3574-4A6E-A8C3-1706790709BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.7:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"A8F007EC-A886-4544-9E83-8BABFFE9CA0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.8:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"40912236-69A3-4E2D-BD91-217FE52DCFBB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.9:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"F830CEAC-AA1C-4B64-BFAD-FE9296BEF571\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.10:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"AC18C7E1-D808-401F-A97A-9631E35DA7D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.11:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"83A4C949-8A88-48FC-841E-DF9944E7D85D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.2.12:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"09677FA9-1411-4FFF-A5B7-93758B1A455E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"41EC1109-DFE3-4BF5-BE6F-CEBDE78C05D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.0:beta-1:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"219FDFBE-AEBC-4DFE-AEC0-2E87AEB79BBF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.0:beta-2:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1BA545CA-4F7A-4C86-8AF8-7733F5FD94D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.0:beta-3:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"3D82424E-26BE-445F-8B98-AC89616CBE21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.0:beta-4:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"5A7D44A1-A926-4321-9B8D-C8A02901C685\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"F0C9E21F-B5E8-4072-9405-75E503DAFABF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"D77AA97E-55FD-4D7F-86B7-DFAD6C330A71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.3:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"FA8DA453-C09F-4745-B056-057EDB7D93DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.4:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"F7B17F60-E1E6-4E5C-B91B-F8CCEDBC1EE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.3.5:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"AAFAA96E-76B5-4D11-939C-DBE647200F60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.4.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"DA1B861E-8E14-4B28-9110-790AA5225820\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.4.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"0B64FBA4-E28E-4560-922D-EE750EF1A5A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.4.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"AA791F81-C8BB-4C76-840C-6A338CD14B56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.4.3:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1BF74B44-160D-4C12-8F42-33320D14F42F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.4.4:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"3B043F28-8821-47EA-AA0D-1BABD293B226\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.5.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"01D52B58-F3E9-41D3-9F63-FA7FD52D07B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.5.0:beta-1:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"6284EE03-B9C8-416B-8AFE-E9DF69BBDFE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.5.0:beta-2:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"73C9FBCC-8EA0-4364-A07B-1D3313BD60A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.5.0:beta-3:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"C74DB2EA-CCB6-4419-9895-9EBAB0B10497\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.5.0:beta-4:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"F6C95AAC-8D8D-4641-984B-03543ACA742A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.5.0:beta-5:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"95CC9043-A604-4159-B088-144E22FC2692\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.5.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"A3691557-61F0-493D-BB07-31DC514AC6E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.5.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"62855947-0D7A-43E4-AA13-8ACE828670DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.5.3:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1F0007C3-E62F-4967-B5D8-D32AD59032DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.6.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"D74818F0-D227-4C20-A00B-98D9F90C0DEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.6.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"849FE2D4-6821-4FB7-A63A-4DB69F5E760D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.6.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1BA36392-D2A2-48FE-A0DA-F0506B8F4DA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.6.2:beta-1:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1D7871F7-0464-4FE8-BE25-F1850E50FD34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.6.2:beta-2:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"1F0491FA-ABC1-4F8A-8EC1-28B6A6DCE98E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.6.4:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"DAF4DF9B-1A13-4E97-8EA7-314920CCFD27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:2.6.5:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"B80C0DD3-D13E-4BE3-A725-D6F30C76539B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"64EB6FCA-F51A-4E19-8295-D33EC3C2F2A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.0:beta-1:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"F4004DD0-FA0F-496D-B55A-532BC2AC9C4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.0:beta-2:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"D50CF5BC-9DF3-4470-A251-FB9A293C6474\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"FFAE336E-F298-4DFE-A962-E12992F4E261\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.2:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"4A9CDB02-9046-4CEB-92DD-A543A9CCD60D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.2:beta-1:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"9CEDCC1A-D893-4BC6-8F76-664E770A7282\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.2:beta-2:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"24FD6C60-A3ED-40D6-A81F-3F0E4B0F565D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.3:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"6EFE4D87-9963-446E-85EC-9FB87D4A62DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.4:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"659C6AE8-7FBA-48CD-B7D7-50775163B920\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.0.5:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"8FF05032-310B-4CB7-A658-0D27852A03DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.1.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"71A8E89B-39E9-4B5A-B814-B4981BB158E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.2.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"B9567E6E-50BA-436A-82C8-B59BA8B75F9B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.3.0:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"7644636A-C6B9-4502-95B6-E7083D62AD35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.3.1:*:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"7FFA6D47-FC31-4E7D-BACE-8A57BB674AC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.4.0:alpha-1:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"903074CE-C5D6-4BCF-A7E3-44C490510756\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.4.0:alpha-4:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"AA7E1D39-4A57-4A1D-9D3A-33E48E4C0790\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:git:3.4.0:beta-1:*:*:*:jenkins:*:*\", \"matchCriteriaId\": \"5D749ADF-C75A-4C90-8735-50E12564838E\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.\"}, {\"lang\": \"es\", \"value\": \"El plugin Git se conecta a un repositorio de Git especificado por el usuario como parte de la validaci\\u00f3n de formularios. Un atacante que no tenga acceso directo a Jenkins pero que pueda adivinar un ID de credenciales de nombre de usuario/contrase\\u00f1a podr\\u00eda enga\\u00f1ar a un desarrollador con permisos de configuraci\\u00f3n de tareas para que acceda a un enlace con una URL Jenkins manipulada con fines maliciosos, lo que puede provocar que el cliente de Git de Jenkins env\\u00ede el nombre de usuario y la contrase\\u00f1a a un servidor controlado por el atacante.\"}]",
"id": "CVE-2017-1000092",
"lastModified": "2024-11-21T03:04:08.467",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 4.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2017-10-05T01:29:03.773",
"references": "[{\"url\": \"http://www.securityfocus.com/bid/100435\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://jenkins.io/security/advisory/2017-07-10/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/100435\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://jenkins.io/security/advisory/2017-07-10/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-1000092\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-05T01:29:03.773\",\"lastModified\":\"2024-11-21T03:04:08.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.\"},{\"lang\":\"es\",\"value\":\"El plugin Git se conecta a un repositorio de Git especificado por el usuario como parte de la validaci\u00f3n de formularios. Un atacante que no tenga acceso directo a Jenkins pero que pueda adivinar un ID de credenciales de nombre de usuario/contrase\u00f1a podr\u00eda enga\u00f1ar a un desarrollador con permisos de configuraci\u00f3n de tareas para que acceda a un enlace con una URL Jenkins manipulada con fines maliciosos, lo que puede provocar que el cliente de Git de Jenkins env\u00ede el nombre de usuario y la contrase\u00f1a a un servidor controlado por el atacante.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:N/A:N\",\"baseScore\":2.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":4.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.1.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"DB4E4FC0-7580-4FBB-A139-797A60357EB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.2.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"677080D2-F865-4F8E-A950-690C063E8078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.3.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"46B3B5C9-5D20-4D53-921E-160B1ABB338C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.4.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"67C09409-E8DF-4174-B276-3C09DAB8CCD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.5.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"AFA7DF0D-10B2-42E8-A721-601A47CB8E7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.6.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"819379AD-978B-498B-98FC-ACD7BB0426FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.7.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"16A1E997-1499-45EA-9DE4-9E30A071957A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.7.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"2A50E52B-25F2-41CA-98AA-FAB65AB993FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.7.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"E0F1D344-77AC-4FB0-A12A-3E03CCB34E3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.7.3:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"B7754A95-AF91-49EF-8965-7E63AB1CCAFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.8.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1F589112-DEFC-4BC8-81A7-72DD2BC1FA0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.8.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"3CBF17E0-B324-49C0-AD5C-141D456CCC28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.8.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"D41DA62C-75DC-46BC-B300-46EDDDCF456A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.9.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"AFB68276-8776-4293-A762-5B2FE1862892\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.9.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"7FBCE99F-BF42-4126-8CCC-93927427293E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:0.9.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"A8022A06-6A26-4BD4-82D5-C31E944B5425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.0.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"8F3F756A-02CC-4680-9C4D-B8913F54078F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.0.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1B09D69F-639C-43BA-856F-A0B61E43D66B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"A3298505-24F3-4335-9257-9FE6208B14FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"4526FCB4-1CFB-48A8-84AF-65267A1AF61E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"0606E95F-66B8-4FE9-8B9E-0D110E3C0380\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.3:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"345AF76C-A05F-477E-96DA-D81E55F51397\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.4:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"4E619E21-218E-42E9-8B49-55ED5B6D1707\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.5:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"365AE461-27A5-4027-B3FB-911D073CDF76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.6:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"323964F0-4A7A-4C78-BF55-3536682501C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.7:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"63A0EF35-CF43-4025-BDF0-782D995BDA13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.8:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"99A5279C-041F-4E4F-916E-FA3C7E337095\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.9:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"54805166-D56E-47BE-8ED6-3934C7D37573\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.10:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"F488A22E-32B4-4F48-9147-39A08868D21C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.11:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"2035150A-915D-4A3D-9E31-A07A26419347\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.12:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"FF7D4054-7393-4797-B029-218D6346F05B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.13:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"F3180557-DB1A-4DF1-A1A2-CAC7953A55D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.14:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"0BA98018-F0DD-4338-9892-AA1B5F336A01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.15:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"8463B4B8-F656-47C3-86DA-572C3C6C26F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.16:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"4ABD72A1-3802-432F-82B9-8620DEBF9736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.17:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"F3758A9E-63E3-4D19-87F2-DD9EAE3805EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.18:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"15969DE6-CEF4-4E11-89C2-CA16A9EFA62A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.19:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"142BCBAC-8779-4CAF-8B40-BBDFC655CC32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.20:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"3C1EC783-A402-48A6-8EC4-354009927118\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.21:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"18C6971D-A64A-40E7-8699-319FB9C5C012\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.22:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"00D49A22-8E40-4D90-9637-3983EE5A00D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.23:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1BBC99C6-A757-4F50-B8D8-06E2D184F802\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.24:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"BAD742A3-0968-4125-8470-A606EF704EA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.25:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"8E1AA9C6-9298-4194-9E2B-1239CF5340F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.26:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"223A2980-F9B1-4487-A722-E5EB1C490A6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.27:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"04662411-8E1B-4475-9775-5486AFEA8CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.28:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"E216DB21-0479-43A9-92E3-E8B7DD21D98D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.1.29:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"9E0AC53B-F90C-4A43-B5DD-3AAD55A36668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.2.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"CDF0EE94-AB3B-4A53-B681-AEFD1B25CFC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.3.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"676B8587-D103-4289-AAE7-AEC669901348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.4.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"52790BF9-338F-48E0-8589-8B12CD841577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.5.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"C89707D1-2517-414D-B4B8-7458F87C527D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:1.6.0:beta-1:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"DDE9A7CC-4941-4C6B-8C9E-E4FDC6A857C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.0.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"C3A56B14-5584-42D2-B612-D62B064806AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.0.0:alpha-1:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"93E6C099-AA06-405D-8711-657D83962EC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.0.0:alpha-2:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"00FB7EF8-0ED4-49EC-A43E-FE774B495656\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.0.0:beta-2:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"23F164E6-F9E1-4A3F-A3BC-48B2537DBA68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.0.0:beta-3:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"76FDF0F0-F6E9-49EE-9BC7-2BFA59E970B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.0.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"084E37A1-4446-44C7-845A-CCEA77A6CF6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.0.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"23971890-1FD6-49AF-B14D-3435B05EAE51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.0.3:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"E321BB4A-CD62-47A5-8E41-28B2FAD72DFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.0.4:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1DFDB0FE-F09B-46ED-8595-D673DCE03250\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.1.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"09CFCF17-D7ED-4F0B-95F6-21ECAF4DBAC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"612D9AC8-996C-4AB2-9221-57A735A757CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"C9D2156A-2461-45D7-BFDA-48E1A1607042\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"2D0960CF-E96D-4750-93C3-A6BDE67E4534\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.3:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"30C24C33-FEFF-47DC-A608-646F3D64B260\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.4:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"4A9A2E1B-5803-418A-8A40-674711037117\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.5:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1C5AB485-17A4-4525-9D32-8032B0414DB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.6:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"2E86B79A-3574-4A6E-A8C3-1706790709BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.7:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"A8F007EC-A886-4544-9E83-8BABFFE9CA0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.8:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"40912236-69A3-4E2D-BD91-217FE52DCFBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.9:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"F830CEAC-AA1C-4B64-BFAD-FE9296BEF571\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.10:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"AC18C7E1-D808-401F-A97A-9631E35DA7D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.11:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"83A4C949-8A88-48FC-841E-DF9944E7D85D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.2.12:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"09677FA9-1411-4FFF-A5B7-93758B1A455E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"41EC1109-DFE3-4BF5-BE6F-CEBDE78C05D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.0:beta-1:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"219FDFBE-AEBC-4DFE-AEC0-2E87AEB79BBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.0:beta-2:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1BA545CA-4F7A-4C86-8AF8-7733F5FD94D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.0:beta-3:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"3D82424E-26BE-445F-8B98-AC89616CBE21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.0:beta-4:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"5A7D44A1-A926-4321-9B8D-C8A02901C685\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"F0C9E21F-B5E8-4072-9405-75E503DAFABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"D77AA97E-55FD-4D7F-86B7-DFAD6C330A71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.3:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"FA8DA453-C09F-4745-B056-057EDB7D93DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.4:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"F7B17F60-E1E6-4E5C-B91B-F8CCEDBC1EE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.3.5:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"AAFAA96E-76B5-4D11-939C-DBE647200F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.4.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"DA1B861E-8E14-4B28-9110-790AA5225820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.4.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"0B64FBA4-E28E-4560-922D-EE750EF1A5A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.4.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"AA791F81-C8BB-4C76-840C-6A338CD14B56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.4.3:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1BF74B44-160D-4C12-8F42-33320D14F42F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.4.4:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"3B043F28-8821-47EA-AA0D-1BABD293B226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.5.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"01D52B58-F3E9-41D3-9F63-FA7FD52D07B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.5.0:beta-1:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"6284EE03-B9C8-416B-8AFE-E9DF69BBDFE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.5.0:beta-2:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"73C9FBCC-8EA0-4364-A07B-1D3313BD60A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.5.0:beta-3:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"C74DB2EA-CCB6-4419-9895-9EBAB0B10497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.5.0:beta-4:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"F6C95AAC-8D8D-4641-984B-03543ACA742A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.5.0:beta-5:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"95CC9043-A604-4159-B088-144E22FC2692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.5.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"A3691557-61F0-493D-BB07-31DC514AC6E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.5.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"62855947-0D7A-43E4-AA13-8ACE828670DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.5.3:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1F0007C3-E62F-4967-B5D8-D32AD59032DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.6.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"D74818F0-D227-4C20-A00B-98D9F90C0DEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.6.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"849FE2D4-6821-4FB7-A63A-4DB69F5E760D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.6.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1BA36392-D2A2-48FE-A0DA-F0506B8F4DA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.6.2:beta-1:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1D7871F7-0464-4FE8-BE25-F1850E50FD34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.6.2:beta-2:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"1F0491FA-ABC1-4F8A-8EC1-28B6A6DCE98E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.6.4:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"DAF4DF9B-1A13-4E97-8EA7-314920CCFD27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:2.6.5:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"B80C0DD3-D13E-4BE3-A725-D6F30C76539B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"64EB6FCA-F51A-4E19-8295-D33EC3C2F2A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.0:beta-1:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"F4004DD0-FA0F-496D-B55A-532BC2AC9C4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.0:beta-2:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"D50CF5BC-9DF3-4470-A251-FB9A293C6474\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"FFAE336E-F298-4DFE-A962-E12992F4E261\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.2:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"4A9CDB02-9046-4CEB-92DD-A543A9CCD60D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.2:beta-1:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"9CEDCC1A-D893-4BC6-8F76-664E770A7282\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.2:beta-2:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"24FD6C60-A3ED-40D6-A81F-3F0E4B0F565D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.3:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"6EFE4D87-9963-446E-85EC-9FB87D4A62DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.4:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"659C6AE8-7FBA-48CD-B7D7-50775163B920\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.0.5:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"8FF05032-310B-4CB7-A658-0D27852A03DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.1.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"71A8E89B-39E9-4B5A-B814-B4981BB158E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.2.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"B9567E6E-50BA-436A-82C8-B59BA8B75F9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.3.0:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"7644636A-C6B9-4502-95B6-E7083D62AD35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.3.1:*:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"7FFA6D47-FC31-4E7D-BACE-8A57BB674AC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.4.0:alpha-1:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"903074CE-C5D6-4BCF-A7E3-44C490510756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.4.0:alpha-4:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"AA7E1D39-4A57-4A1D-9D3A-33E48E4C0790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:git:3.4.0:beta-1:*:*:*:jenkins:*:*\",\"matchCriteriaId\":\"5D749ADF-C75A-4C90-8735-50E12564838E\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/100435\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://jenkins.io/security/advisory/2017-07-10/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/100435\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://jenkins.io/security/advisory/2017-07-10/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
ghsa-rf5q-8gx3-xqfc
Vulnerability from github
Published
2022-05-17 00:33
Modified
2022-07-05 22:59
Severity ?
Summary
Cross-Site Request Forgery in Jenkins Git Plugin
Details
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c 3.2.2"
},
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:git"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2017-1000092"
],
"database_specific": {
"cwe_ids": [
"CWE-352"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-05T22:59:14Z",
"nvd_published_at": "2017-10-05T01:29:00Z",
"severity": "HIGH"
},
"details": "Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.",
"id": "GHSA-rf5q-8gx3-xqfc",
"modified": "2022-07-05T22:59:14Z",
"published": "2022-05-17T00:33:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471053"
},
{
"type": "WEB",
"url": "https://jenkins.io/security/advisory/2017-07-10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Cross-Site Request Forgery in Jenkins Git Plugin"
}
rhba-2017_2642
Vulnerability from csaf_redhat
Published
2017-09-08 03:14
Modified
2024-11-22 11:21
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update
Notes
Topic
Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.
Details
Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHEA-2017:2644
This update fixes the following bugs:
* When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated.
(BZ#1423640)
* A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each
service handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service's requests. (BZ#1473736)
* When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731)
* Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service's labels.
(BZ#1477933)
* Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130)
* Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928)
* Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273)
* Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958)
This update includes the following enhancement:
* There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976)
All OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is the company\u0027s cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHEA-2017:2644\n\nThis update fixes the following bugs:\n\n* When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated.\n(BZ#1423640)\n\n* A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each\nservice handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service\u0027s requests. (BZ#1473736)\n\n* When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731)\n\n* Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service\u0027s labels.\n(BZ#1477933)\n\n* Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130)\n\n* Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928)\n\n* Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273)\n\n* Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958)\n\nThis update includes the following enhancement:\n\n* There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976)\n\nAll OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2017:2642",
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
},
{
"category": "external",
"summary": "1420976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420976"
},
{
"category": "external",
"summary": "1423640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1423640"
},
{
"category": "external",
"summary": "1473736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473736"
},
{
"category": "external",
"summary": "1476731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1476731"
},
{
"category": "external",
"summary": "1477223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477223"
},
{
"category": "external",
"summary": "1477933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477933"
},
{
"category": "external",
"summary": "1479130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479130"
},
{
"category": "external",
"summary": "1479928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479928"
},
{
"category": "external",
"summary": "1481251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481251"
},
{
"category": "external",
"summary": "1482273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482273"
},
{
"category": "external",
"summary": "1484958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484958"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhba-2017_2642.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T11:21:43+00:00",
"generator": {
"date": "2024-11-22T11:21:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2017:2642",
"initial_release_date": "2017-09-08T03:14:52+00:00",
"revision_history": [
{
"date": "2017-09-08T03:14:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-08T03:14:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T11:21:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.6",
"product": {
"name": "Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-federation-services@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tuned-profiles-atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-catalog@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-capacity@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kibana-0:4.6.4-3.el7.x86_64",
"product": {
"name": "kibana-0:4.6.4-3.el7.x86_64",
"product_id": "kibana-0:4.6.4-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"product": {
"name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"product_id": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana-debuginfo@4.6.4-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"product": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"product_id": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"product": {
"name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"product_id": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io-debuginfo@1.5.1-1.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product": {
"name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_id": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product": {
"name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_id": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "fluentd-0:0.12.39-2.el7.noarch",
"product": {
"name": "fluentd-0:0.12.39-2.el7.noarch",
"product_id": "fluentd-0:0.12.39-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "fluentd-doc-0:0.12.39-2.el7.noarch",
"product": {
"name": "fluentd-doc-0:0.12.39-2.el7.noarch",
"product_id": "fluentd-doc-0:0.12.39-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fluentd-doc@0.12.39-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"product": {
"name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"product_id": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io-doc@1.5.1-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-excon-0:0.58.0-1.el7.noarch",
"product": {
"name": "rubygem-excon-0:0.58.0-1.el7.noarch",
"product_id": "rubygem-excon-0:0.58.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"product": {
"name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"product_id": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-excon-doc@0.58.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"product": {
"name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"product_id": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-faraday-doc@0.13.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"product": {
"name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"product_id": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter-doc@0.29.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model-doc@0.0.5-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"product": {
"name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"product_id": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-i18n-doc@0.8.6-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"product": {
"name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"product_id": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"product": {
"name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"product_id": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-systemd-journal-doc@1.3.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"product": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"product": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "fluentd-0:0.12.39-2.el7.src",
"product": {
"name": "fluentd-0:0.12.39-2.el7.src",
"product_id": "fluentd-0:0.12.39-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "kibana-0:4.6.4-3.el7.src",
"product": {
"name": "kibana-0:4.6.4-3.el7.src",
"product_id": "kibana-0:4.6.4-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-0:1.5.1-1.el7.src",
"product": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.src",
"product_id": "rubygem-cool.io-0:1.5.1-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-excon-0:0.58.0-1.el7.src",
"product": {
"name": "rubygem-excon-0:0.58.0-1.el7.src",
"product_id": "rubygem-excon-0:0.58.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-faraday-0:0.13.0-1.el7.src",
"product": {
"name": "rubygem-faraday-0:0.13.0-1.el7.src",
"product_id": "rubygem-faraday-0:0.13.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"product": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"product": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-i18n-0:0.8.6-1.el7.src",
"product": {
"name": "rubygem-i18n-0:0.8.6-1.el7.src",
"product_id": "rubygem-i18n-0:0.8.6-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"product": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src"
},
"product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
},
"product_reference": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
},
"product_reference": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fluentd-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch"
},
"product_reference": "fluentd-0:0.12.39-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fluentd-0:0.12.39-2.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src"
},
"product_reference": "fluentd-0:0.12.39-2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fluentd-doc-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch"
},
"product_reference": "fluentd-doc-0:0.12.39-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-0:4.6.4-3.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src"
},
"product_reference": "kibana-0:4.6.4-3.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64"
},
"product_reference": "kibana-0:4.6.4-3.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64"
},
"product_reference": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src"
},
"product_reference": "rubygem-cool.io-0:1.5.1-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64"
},
"product_reference": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64"
},
"product_reference": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch"
},
"product_reference": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-excon-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch"
},
"product_reference": "rubygem-excon-0:0.58.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-excon-0:0.58.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src"
},
"product_reference": "rubygem-excon-0:0.58.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch"
},
"product_reference": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-faraday-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch"
},
"product_reference": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-faraday-0:0.13.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src"
},
"product_reference": "rubygem-faraday-0:0.13.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch"
},
"product_reference": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src"
},
"product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src"
},
"product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-i18n-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch"
},
"product_reference": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-i18n-0:0.8.6-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src"
},
"product_reference": "rubygem-i18n-0:0.8.6-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch"
},
"product_reference": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch"
},
"product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src"
},
"product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch"
},
"product_reference": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
},
{
"names": [
"Jesse Glick"
],
"organization": "CloudBees",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-1000085",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471046"
}
],
"notes": [
{
"category": "description",
"text": "Subversion Plugin improperly checked permissions, requiring just Item/Build instead of Item/Configure when used. This allows a user to specify an attacker-controlled Subversion server which can then be used to collect credentials used by the Subversion plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-subversion as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000085"
},
{
"category": "external",
"summary": "RHBZ#1471046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000085",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)"
},
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
}
],
"cve": "CVE-2017-1000089",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471050"
}
],
"notes": [
{
"category": "description",
"text": "The jenkins-plugin-pipeline-build-step fails to check permissions correctly allowing attackers with access to it to specify the triggering of any other project in Jenkins. This potentially gives an attacker access to projects they should not have access to.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-pipeline-build-step as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000089"
},
{
"category": "external",
"summary": "RHBZ#1471050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471050"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000089",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000089"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)"
},
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
},
{
"names": [
"Jesse Glick"
],
"organization": "CloudBees",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-1000092",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471053"
}
],
"notes": [
{
"category": "description",
"text": "The Git Plugin can leak credentials (username and password) used to access a git repo if an attacker-supplied URL is provided to the plugin. To supply the URL to the plugin, the attacker would need to guess a username/password ID and then trick a developer into following a specific URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-git as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000092"
},
{
"category": "external",
"summary": "RHBZ#1471053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000092",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)"
},
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
},
{
"names": [
"Green",
"Simon St John"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-1000096",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471064"
}
],
"notes": [
{
"category": "description",
"text": "The jenkins-plugin-script-security has incomplete sandbox protection which allows attackers to execute arbitrary code via constructors, instance variable initializers, and instance initializers in Pipeline scripts. Exploitation of this requires the attacker to have permission to configure Pipelines in Jenkins or be a trusted committers to repositories containing Jenkinsfiles and for that Jenkins instance to be hosting other projects as well that the attacker should not have access to.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-workflow-cps as shipped with Red Hat OpenShift Enterprise 3. However, this flaw is of low impact under the supported scenarios in OpenShift Enterprise 3. A future update may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000096"
},
{
"category": "external",
"summary": "RHBZ#1471064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471064"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000096",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)"
}
]
}
rhba-2017:2642
Vulnerability from csaf_redhat
Published
2017-09-08 03:14
Modified
2024-11-22 11:21
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update
Notes
Topic
Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.
Details
Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHEA-2017:2644
This update fixes the following bugs:
* When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated.
(BZ#1423640)
* A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each
service handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service's requests. (BZ#1473736)
* When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731)
* Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service's labels.
(BZ#1477933)
* Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130)
* Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928)
* Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273)
* Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958)
This update includes the following enhancement:
* There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976)
All OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is the company\u0027s cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHEA-2017:2644\n\nThis update fixes the following bugs:\n\n* When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated.\n(BZ#1423640)\n\n* A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each\nservice handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service\u0027s requests. (BZ#1473736)\n\n* When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731)\n\n* Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service\u0027s labels.\n(BZ#1477933)\n\n* Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130)\n\n* Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928)\n\n* Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273)\n\n* Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958)\n\nThis update includes the following enhancement:\n\n* There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976)\n\nAll OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2017:2642",
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
},
{
"category": "external",
"summary": "1420976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420976"
},
{
"category": "external",
"summary": "1423640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1423640"
},
{
"category": "external",
"summary": "1473736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473736"
},
{
"category": "external",
"summary": "1476731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1476731"
},
{
"category": "external",
"summary": "1477223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477223"
},
{
"category": "external",
"summary": "1477933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477933"
},
{
"category": "external",
"summary": "1479130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479130"
},
{
"category": "external",
"summary": "1479928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479928"
},
{
"category": "external",
"summary": "1481251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481251"
},
{
"category": "external",
"summary": "1482273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482273"
},
{
"category": "external",
"summary": "1484958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484958"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhba-2017_2642.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T11:21:43+00:00",
"generator": {
"date": "2024-11-22T11:21:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2017:2642",
"initial_release_date": "2017-09-08T03:14:52+00:00",
"revision_history": [
{
"date": "2017-09-08T03:14:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-08T03:14:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T11:21:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.6",
"product": {
"name": "Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-federation-services@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tuned-profiles-atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-catalog@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-capacity@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kibana-0:4.6.4-3.el7.x86_64",
"product": {
"name": "kibana-0:4.6.4-3.el7.x86_64",
"product_id": "kibana-0:4.6.4-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"product": {
"name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"product_id": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana-debuginfo@4.6.4-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"product": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"product_id": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"product": {
"name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"product_id": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io-debuginfo@1.5.1-1.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product": {
"name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_id": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product": {
"name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_id": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "fluentd-0:0.12.39-2.el7.noarch",
"product": {
"name": "fluentd-0:0.12.39-2.el7.noarch",
"product_id": "fluentd-0:0.12.39-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "fluentd-doc-0:0.12.39-2.el7.noarch",
"product": {
"name": "fluentd-doc-0:0.12.39-2.el7.noarch",
"product_id": "fluentd-doc-0:0.12.39-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fluentd-doc@0.12.39-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"product": {
"name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"product_id": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io-doc@1.5.1-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-excon-0:0.58.0-1.el7.noarch",
"product": {
"name": "rubygem-excon-0:0.58.0-1.el7.noarch",
"product_id": "rubygem-excon-0:0.58.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"product": {
"name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"product_id": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-excon-doc@0.58.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"product": {
"name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"product_id": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-faraday-doc@0.13.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"product": {
"name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"product_id": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter-doc@0.29.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model-doc@0.0.5-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"product": {
"name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"product_id": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-i18n-doc@0.8.6-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"product": {
"name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"product_id": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"product": {
"name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"product_id": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-systemd-journal-doc@1.3.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"product": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"product": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "fluentd-0:0.12.39-2.el7.src",
"product": {
"name": "fluentd-0:0.12.39-2.el7.src",
"product_id": "fluentd-0:0.12.39-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "kibana-0:4.6.4-3.el7.src",
"product": {
"name": "kibana-0:4.6.4-3.el7.src",
"product_id": "kibana-0:4.6.4-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-0:1.5.1-1.el7.src",
"product": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.src",
"product_id": "rubygem-cool.io-0:1.5.1-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-excon-0:0.58.0-1.el7.src",
"product": {
"name": "rubygem-excon-0:0.58.0-1.el7.src",
"product_id": "rubygem-excon-0:0.58.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-faraday-0:0.13.0-1.el7.src",
"product": {
"name": "rubygem-faraday-0:0.13.0-1.el7.src",
"product_id": "rubygem-faraday-0:0.13.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"product": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"product": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-i18n-0:0.8.6-1.el7.src",
"product": {
"name": "rubygem-i18n-0:0.8.6-1.el7.src",
"product_id": "rubygem-i18n-0:0.8.6-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"product": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src"
},
"product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
},
"product_reference": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
},
"product_reference": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fluentd-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch"
},
"product_reference": "fluentd-0:0.12.39-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fluentd-0:0.12.39-2.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src"
},
"product_reference": "fluentd-0:0.12.39-2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fluentd-doc-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch"
},
"product_reference": "fluentd-doc-0:0.12.39-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-0:4.6.4-3.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src"
},
"product_reference": "kibana-0:4.6.4-3.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64"
},
"product_reference": "kibana-0:4.6.4-3.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64"
},
"product_reference": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src"
},
"product_reference": "rubygem-cool.io-0:1.5.1-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64"
},
"product_reference": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64"
},
"product_reference": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch"
},
"product_reference": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-excon-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch"
},
"product_reference": "rubygem-excon-0:0.58.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-excon-0:0.58.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src"
},
"product_reference": "rubygem-excon-0:0.58.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch"
},
"product_reference": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-faraday-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch"
},
"product_reference": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-faraday-0:0.13.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src"
},
"product_reference": "rubygem-faraday-0:0.13.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch"
},
"product_reference": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src"
},
"product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src"
},
"product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-i18n-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch"
},
"product_reference": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-i18n-0:0.8.6-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src"
},
"product_reference": "rubygem-i18n-0:0.8.6-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch"
},
"product_reference": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch"
},
"product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src"
},
"product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch"
},
"product_reference": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
},
{
"names": [
"Jesse Glick"
],
"organization": "CloudBees",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-1000085",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471046"
}
],
"notes": [
{
"category": "description",
"text": "Subversion Plugin improperly checked permissions, requiring just Item/Build instead of Item/Configure when used. This allows a user to specify an attacker-controlled Subversion server which can then be used to collect credentials used by the Subversion plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-subversion as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000085"
},
{
"category": "external",
"summary": "RHBZ#1471046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000085",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)"
},
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
}
],
"cve": "CVE-2017-1000089",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471050"
}
],
"notes": [
{
"category": "description",
"text": "The jenkins-plugin-pipeline-build-step fails to check permissions correctly allowing attackers with access to it to specify the triggering of any other project in Jenkins. This potentially gives an attacker access to projects they should not have access to.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-pipeline-build-step as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000089"
},
{
"category": "external",
"summary": "RHBZ#1471050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471050"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000089",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000089"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)"
},
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
},
{
"names": [
"Jesse Glick"
],
"organization": "CloudBees",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-1000092",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471053"
}
],
"notes": [
{
"category": "description",
"text": "The Git Plugin can leak credentials (username and password) used to access a git repo if an attacker-supplied URL is provided to the plugin. To supply the URL to the plugin, the attacker would need to guess a username/password ID and then trick a developer into following a specific URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-git as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000092"
},
{
"category": "external",
"summary": "RHBZ#1471053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000092",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)"
},
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
},
{
"names": [
"Green",
"Simon St John"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-1000096",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471064"
}
],
"notes": [
{
"category": "description",
"text": "The jenkins-plugin-script-security has incomplete sandbox protection which allows attackers to execute arbitrary code via constructors, instance variable initializers, and instance initializers in Pipeline scripts. Exploitation of this requires the attacker to have permission to configure Pipelines in Jenkins or be a trusted committers to repositories containing Jenkinsfiles and for that Jenkins instance to be hosting other projects as well that the attacker should not have access to.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-workflow-cps as shipped with Red Hat OpenShift Enterprise 3. However, this flaw is of low impact under the supported scenarios in OpenShift Enterprise 3. A future update may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000096"
},
{
"category": "external",
"summary": "RHBZ#1471064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471064"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000096",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)"
}
]
}
RHBA-2017:2642
Vulnerability from csaf_redhat
Published
2017-09-08 03:14
Modified
2024-11-22 11:21
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update
Notes
Topic
Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.
Details
Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHEA-2017:2644
This update fixes the following bugs:
* When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated.
(BZ#1423640)
* A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each
service handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service's requests. (BZ#1473736)
* When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731)
* Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service's labels.
(BZ#1477933)
* Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130)
* Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928)
* Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273)
* Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958)
This update includes the following enhancement:
* There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976)
All OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is the company\u0027s cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHEA-2017:2644\n\nThis update fixes the following bugs:\n\n* When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated.\n(BZ#1423640)\n\n* A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each\nservice handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service\u0027s requests. (BZ#1473736)\n\n* When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731)\n\n* Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service\u0027s labels.\n(BZ#1477933)\n\n* Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130)\n\n* Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928)\n\n* Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273)\n\n* Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958)\n\nThis update includes the following enhancement:\n\n* There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976)\n\nAll OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2017:2642",
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
},
{
"category": "external",
"summary": "1420976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420976"
},
{
"category": "external",
"summary": "1423640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1423640"
},
{
"category": "external",
"summary": "1473736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473736"
},
{
"category": "external",
"summary": "1476731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1476731"
},
{
"category": "external",
"summary": "1477223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477223"
},
{
"category": "external",
"summary": "1477933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477933"
},
{
"category": "external",
"summary": "1479130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479130"
},
{
"category": "external",
"summary": "1479928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479928"
},
{
"category": "external",
"summary": "1481251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481251"
},
{
"category": "external",
"summary": "1482273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482273"
},
{
"category": "external",
"summary": "1484958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484958"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhba-2017_2642.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T11:21:43+00:00",
"generator": {
"date": "2024-11-22T11:21:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2017:2642",
"initial_release_date": "2017-09-08T03:14:52+00:00",
"revision_history": [
{
"date": "2017-09-08T03:14:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-08T03:14:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T11:21:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.6",
"product": {
"name": "Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-federation-services@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tuned-profiles-atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-catalog@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-capacity@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kibana-0:4.6.4-3.el7.x86_64",
"product": {
"name": "kibana-0:4.6.4-3.el7.x86_64",
"product_id": "kibana-0:4.6.4-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"product": {
"name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"product_id": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana-debuginfo@4.6.4-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"product": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"product_id": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"product": {
"name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"product_id": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io-debuginfo@1.5.1-1.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product": {
"name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_id": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product": {
"name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_id": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "fluentd-0:0.12.39-2.el7.noarch",
"product": {
"name": "fluentd-0:0.12.39-2.el7.noarch",
"product_id": "fluentd-0:0.12.39-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "fluentd-doc-0:0.12.39-2.el7.noarch",
"product": {
"name": "fluentd-doc-0:0.12.39-2.el7.noarch",
"product_id": "fluentd-doc-0:0.12.39-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fluentd-doc@0.12.39-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"product": {
"name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"product_id": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io-doc@1.5.1-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-excon-0:0.58.0-1.el7.noarch",
"product": {
"name": "rubygem-excon-0:0.58.0-1.el7.noarch",
"product_id": "rubygem-excon-0:0.58.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"product": {
"name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"product_id": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-excon-doc@0.58.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"product": {
"name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"product_id": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-faraday-doc@0.13.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"product": {
"name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"product_id": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter-doc@0.29.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"product": {
"name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"product_id": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model-doc@0.0.5-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"product": {
"name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"product_id": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-i18n-doc@0.8.6-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"product": {
"name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"product_id": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"product": {
"name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"product_id": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-systemd-journal-doc@1.3.0-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"product": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"product": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "fluentd-0:0.12.39-2.el7.src",
"product": {
"name": "fluentd-0:0.12.39-2.el7.src",
"product_id": "fluentd-0:0.12.39-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "kibana-0:4.6.4-3.el7.src",
"product": {
"name": "kibana-0:4.6.4-3.el7.src",
"product_id": "kibana-0:4.6.4-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-cool.io-0:1.5.1-1.el7.src",
"product": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.src",
"product_id": "rubygem-cool.io-0:1.5.1-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-excon-0:0.58.0-1.el7.src",
"product": {
"name": "rubygem-excon-0:0.58.0-1.el7.src",
"product_id": "rubygem-excon-0:0.58.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-faraday-0:0.13.0-1.el7.src",
"product": {
"name": "rubygem-faraday-0:0.13.0-1.el7.src",
"product_id": "rubygem-faraday-0:0.13.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"product": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"product": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-i18n-0:0.8.6-1.el7.src",
"product": {
"name": "rubygem-i18n-0:0.8.6-1.el7.src",
"product_id": "rubygem-i18n-0:0.8.6-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"product": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src"
},
"product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
},
"product_reference": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
},
"product_reference": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fluentd-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch"
},
"product_reference": "fluentd-0:0.12.39-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fluentd-0:0.12.39-2.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src"
},
"product_reference": "fluentd-0:0.12.39-2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fluentd-doc-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch"
},
"product_reference": "fluentd-doc-0:0.12.39-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-0:4.6.4-3.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src"
},
"product_reference": "kibana-0:4.6.4-3.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64"
},
"product_reference": "kibana-0:4.6.4-3.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64"
},
"product_reference": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src"
},
"product_reference": "rubygem-cool.io-0:1.5.1-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64"
},
"product_reference": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64"
},
"product_reference": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch"
},
"product_reference": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-excon-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch"
},
"product_reference": "rubygem-excon-0:0.58.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-excon-0:0.58.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src"
},
"product_reference": "rubygem-excon-0:0.58.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch"
},
"product_reference": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-faraday-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch"
},
"product_reference": "rubygem-faraday-0:0.13.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-faraday-0:0.13.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src"
},
"product_reference": "rubygem-faraday-0:0.13.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch"
},
"product_reference": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src"
},
"product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src"
},
"product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch"
},
"product_reference": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-i18n-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch"
},
"product_reference": "rubygem-i18n-0:0.8.6-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-i18n-0:0.8.6-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src"
},
"product_reference": "rubygem-i18n-0:0.8.6-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch"
},
"product_reference": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch"
},
"product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-systemd-journal-0:1.3.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src"
},
"product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch"
},
"product_reference": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
"product_id": "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
},
"product_reference": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
},
{
"names": [
"Jesse Glick"
],
"organization": "CloudBees",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-1000085",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471046"
}
],
"notes": [
{
"category": "description",
"text": "Subversion Plugin improperly checked permissions, requiring just Item/Build instead of Item/Configure when used. This allows a user to specify an attacker-controlled Subversion server which can then be used to collect credentials used by the Subversion plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-subversion as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000085"
},
{
"category": "external",
"summary": "RHBZ#1471046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000085",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)"
},
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
}
],
"cve": "CVE-2017-1000089",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471050"
}
],
"notes": [
{
"category": "description",
"text": "The jenkins-plugin-pipeline-build-step fails to check permissions correctly allowing attackers with access to it to specify the triggering of any other project in Jenkins. This potentially gives an attacker access to projects they should not have access to.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-pipeline-build-step as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000089"
},
{
"category": "external",
"summary": "RHBZ#1471050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471050"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000089",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000089"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)"
},
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
},
{
"names": [
"Jesse Glick"
],
"organization": "CloudBees",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-1000092",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471053"
}
],
"notes": [
{
"category": "description",
"text": "The Git Plugin can leak credentials (username and password) used to access a git repo if an attacker-supplied URL is provided to the plugin. To supply the URL to the plugin, the attacker would need to guess a username/password ID and then trick a developer into following a specific URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-git as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000092"
},
{
"category": "external",
"summary": "RHBZ#1471053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000092",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)"
},
{
"acknowledgments": [
{
"names": [
"the Jenkins project"
]
},
{
"names": [
"Green",
"Simon St John"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-1000096",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1471064"
}
],
"notes": [
{
"category": "description",
"text": "The jenkins-plugin-script-security has incomplete sandbox protection which allows attackers to execute arbitrary code via constructors, instance variable initializers, and instance initializers in Pipeline scripts. Exploitation of this requires the attacker to have permission to configure Pipelines in Jenkins or be a trusted committers to repositories containing Jenkinsfiles and for that Jenkins instance to be hosting other projects as well that the attacker should not have access to.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jenkins-plugin-workflow-cps as shipped with Red Hat OpenShift Enterprise 3. However, this flaw is of low impact under the supported scenarios in OpenShift Enterprise 3. A future update may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000096"
},
{
"category": "external",
"summary": "RHBZ#1471064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471064"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000096",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2017-07-10/",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"release_date": "2017-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-08T03:14:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2017:2642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
"7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
"7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
"7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
"7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
"7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
"7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
"7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)"
}
]
}
gsd-2017-1000092
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-1000092",
"description": "Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.",
"id": "GSD-2017-1000092",
"references": [
"https://access.redhat.com/errata/RHBA-2017:2642"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-1000092"
],
"details": "Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.",
"id": "GSD-2017-1000092",
"modified": "2023-12-13T01:21:02.311222Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-08-22T17:29:33.312285",
"ID": "CVE-2017-1000092",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100435"
},
{
"name": "https://jenkins.io/security/advisory/2017-07-10/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "[0.1.0,0.7.3],[0.8.0,0.8.2],[0.9.0,0.9.2],[1.0.0,1.0.1], [1.1.0,1.1.29],[1.2.0,1.6.0],[2.0.0,2.0.4],[2.1.0,2.2.12],[2.3.0,2.3.5], [2.4.0,2.4.4],[2.5.0,2.5.3],[2.6.0,2.6.2],[2.6.4,2.6.5],[3.0.0,3.0.5], [3.1.0,3.3.1],[3.4.0]",
"affected_versions": "All versions starting from 0.1.0 up to 0.7.3, all versions starting from 0.8.0 up to 0.8.2, all versions starting from 0.9.0 up to 0.9.2, all versions starting from 1.0.0 up to 1.0.1, all versions starting from 1.1.0 up to 1.1.29, all versions starting from 1.2.0 up to 1.6.0, all versions starting from 2.0.0 up to 2.0.4, all versions starting from 2.1.0 up to 2.2.12, all versions starting from 2.3.0 up to 2.3.5, all versions starting from 2.4.0 up to 2.4.4, all versions starting from 2.5.0 up to 2.5.3, all versions starting from 2.6.0 up to 2.6.2, all versions starting from 2.6.4 up to 2.6.5, all versions starting from 3.0.0 up to 3.0.5, all versions starting from 3.1.0 up to 3.3.1, version 3.4.0",
"cvss_v2": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-352",
"CWE-937"
],
"date": "2017-10-17",
"description": "The Git plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.",
"fixed_versions": [
"3.5"
],
"identifier": "CVE-2017-1000092",
"identifiers": [
"CVE-2017-1000092"
],
"not_impacted": "All versions before 0.1.0, all versions after 0.7.3 before 0.8.0, all versions after 0.8.2 before 0.9.0, all versions after 0.9.2 before 1.0.0, all versions after 1.0.1 before 1.1.0, all versions after 1.1.29 before 1.2.0, all versions after 1.6.0 before 2.0.0, all versions after 2.0.4 before 2.1.0, all versions after 2.2.12 before 2.3.0, all versions after 2.3.5 before 2.4.0, all versions after 2.4.4 before 2.5.0, all versions after 2.5.3 before 2.6.0, all versions after 2.6.2 before 2.6.4, all versions after 2.6.5 before 3.0.0, all versions after 3.0.5 before 3.1.0, all versions after 3.3.1 before 3.4.0, all versions after 3.4.0",
"package_slug": "maven/org.jenkins-ci.plugins/git",
"pubdate": "2017-10-05",
"solution": "Upgrade to version 3.5 or above.",
"title": "Cross-Site Request Forgery (CSRF)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2017-1000092",
"http://www.securityfocus.com/bid/100435",
"https://jenkins.io/security/advisory/2017-07-10/"
],
"uuid": "31a4d219-0fef-4f05-92c5-fa7b15d5b24a"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.9.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.9.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.9.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.0.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.11:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.12:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.13:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.14:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.28:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.29:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.2.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.3.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.3:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.0:beta-3:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.0:beta-4:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.3:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.5.0:beta-5:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.5.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.5.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.5.3:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.2:beta-2:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.3:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.4:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.5:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.5.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.6.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.7.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.7.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.3:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.4:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.5:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.6:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.20:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.21:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.22:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.23:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.0.0:alpha-1:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.0.0:alpha-2:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.0.0:beta-2:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.0.0:beta-3:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.8:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.9:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.10:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.11:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.4.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.4.3:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.4.4:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.5.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.6.2:beta-2:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.6.4:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.1.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.3.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.7.3:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.8.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.7:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.9:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.16:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.18:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.25:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.27:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.4.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.6.0:beta-1:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.0.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.0.4:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.5:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.7:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.12:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.0:beta-1:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.4:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.4.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.5.0:beta-2:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.5.0:beta-4:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.6.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.6.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.0:beta-2:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.2.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.3.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.6.5:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.0:beta-1:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.4.0:alpha-1:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.4.0:alpha-4:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.4.0:beta-1:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.2.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.4.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.7.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.8.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:0.8.2:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.0.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.8:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.10:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.15:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.17:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.19:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.24:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.1.26:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:1.5.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.0.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.0.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.0.3:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.1.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.4:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.2.6:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.0:beta-2:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.3.5:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.4.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.5.0:beta-1:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.5.0:beta-3:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.6.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:2.6.2:beta-1:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.1:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.0.2:beta-1:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.1.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:git:3.3.0:*:*:*:*:jenkins:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1000092"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2017-07-10/",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2017-07-10/"
},
{
"name": "100435",
"refsource": "BID",
"tags": [
"VDB Entry",
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/100435"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
},
"lastModifiedDate": "2017-10-17T17:02Z",
"publishedDate": "2017-10-05T01:29Z"
}
}
}
fkie_cve-2017-1000092
Vulnerability from fkie_nvd
Published
2017-10-05 01:29
Modified
2024-11-21 03:04
Severity ?
Summary
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/100435 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://jenkins.io/security/advisory/2017-07-10/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100435 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2017-07-10/ | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:git:0.1.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "DB4E4FC0-7580-4FBB-A139-797A60357EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.2.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "677080D2-F865-4F8E-A950-690C063E8078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.3.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "46B3B5C9-5D20-4D53-921E-160B1ABB338C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.4.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "67C09409-E8DF-4174-B276-3C09DAB8CCD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.5.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "AFA7DF0D-10B2-42E8-A721-601A47CB8E7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.6.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "819379AD-978B-498B-98FC-ACD7BB0426FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.7.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "16A1E997-1499-45EA-9DE4-9E30A071957A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.7.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "2A50E52B-25F2-41CA-98AA-FAB65AB993FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.7.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "E0F1D344-77AC-4FB0-A12A-3E03CCB34E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.7.3:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "B7754A95-AF91-49EF-8965-7E63AB1CCAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.8.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "1F589112-DEFC-4BC8-81A7-72DD2BC1FA0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.8.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "3CBF17E0-B324-49C0-AD5C-141D456CCC28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.8.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "D41DA62C-75DC-46BC-B300-46EDDDCF456A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.9.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "AFB68276-8776-4293-A762-5B2FE1862892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.9.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "7FBCE99F-BF42-4126-8CCC-93927427293E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:0.9.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "A8022A06-6A26-4BD4-82D5-C31E944B5425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.0.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "8F3F756A-02CC-4680-9C4D-B8913F54078F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.0.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "1B09D69F-639C-43BA-856F-A0B61E43D66B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "A3298505-24F3-4335-9257-9FE6208B14FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "4526FCB4-1CFB-48A8-84AF-65267A1AF61E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "0606E95F-66B8-4FE9-8B9E-0D110E3C0380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.3:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "345AF76C-A05F-477E-96DA-D81E55F51397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.4:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "4E619E21-218E-42E9-8B49-55ED5B6D1707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.5:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "365AE461-27A5-4027-B3FB-911D073CDF76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.6:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "323964F0-4A7A-4C78-BF55-3536682501C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.7:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "63A0EF35-CF43-4025-BDF0-782D995BDA13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.8:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "99A5279C-041F-4E4F-916E-FA3C7E337095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.9:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "54805166-D56E-47BE-8ED6-3934C7D37573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.10:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "F488A22E-32B4-4F48-9147-39A08868D21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.11:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "2035150A-915D-4A3D-9E31-A07A26419347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.12:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "FF7D4054-7393-4797-B029-218D6346F05B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.13:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "F3180557-DB1A-4DF1-A1A2-CAC7953A55D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.14:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "0BA98018-F0DD-4338-9892-AA1B5F336A01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.15:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "8463B4B8-F656-47C3-86DA-572C3C6C26F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.16:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "4ABD72A1-3802-432F-82B9-8620DEBF9736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.17:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "F3758A9E-63E3-4D19-87F2-DD9EAE3805EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.18:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "15969DE6-CEF4-4E11-89C2-CA16A9EFA62A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.19:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "142BCBAC-8779-4CAF-8B40-BBDFC655CC32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.20:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "3C1EC783-A402-48A6-8EC4-354009927118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.21:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "18C6971D-A64A-40E7-8699-319FB9C5C012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.22:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "00D49A22-8E40-4D90-9637-3983EE5A00D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.23:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "1BBC99C6-A757-4F50-B8D8-06E2D184F802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.24:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "BAD742A3-0968-4125-8470-A606EF704EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.25:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "8E1AA9C6-9298-4194-9E2B-1239CF5340F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.26:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "223A2980-F9B1-4487-A722-E5EB1C490A6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.27:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "04662411-8E1B-4475-9775-5486AFEA8CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.28:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "E216DB21-0479-43A9-92E3-E8B7DD21D98D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.1.29:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "9E0AC53B-F90C-4A43-B5DD-3AAD55A36668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.2.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "CDF0EE94-AB3B-4A53-B681-AEFD1B25CFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.3.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "676B8587-D103-4289-AAE7-AEC669901348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.4.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "52790BF9-338F-48E0-8589-8B12CD841577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.5.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "C89707D1-2517-414D-B4B8-7458F87C527D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:1.6.0:beta-1:*:*:*:jenkins:*:*",
"matchCriteriaId": "DDE9A7CC-4941-4C6B-8C9E-E4FDC6A857C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.0.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "C3A56B14-5584-42D2-B612-D62B064806AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.0.0:alpha-1:*:*:*:jenkins:*:*",
"matchCriteriaId": "93E6C099-AA06-405D-8711-657D83962EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.0.0:alpha-2:*:*:*:jenkins:*:*",
"matchCriteriaId": "00FB7EF8-0ED4-49EC-A43E-FE774B495656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.0.0:beta-2:*:*:*:jenkins:*:*",
"matchCriteriaId": "23F164E6-F9E1-4A3F-A3BC-48B2537DBA68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.0.0:beta-3:*:*:*:jenkins:*:*",
"matchCriteriaId": "76FDF0F0-F6E9-49EE-9BC7-2BFA59E970B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.0.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "084E37A1-4446-44C7-845A-CCEA77A6CF6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.0.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "23971890-1FD6-49AF-B14D-3435B05EAE51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.0.3:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "E321BB4A-CD62-47A5-8E41-28B2FAD72DFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.0.4:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "1DFDB0FE-F09B-46ED-8595-D673DCE03250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.1.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "09CFCF17-D7ED-4F0B-95F6-21ECAF4DBAC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "612D9AC8-996C-4AB2-9221-57A735A757CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "C9D2156A-2461-45D7-BFDA-48E1A1607042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "2D0960CF-E96D-4750-93C3-A6BDE67E4534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.3:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "30C24C33-FEFF-47DC-A608-646F3D64B260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.4:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "4A9A2E1B-5803-418A-8A40-674711037117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.5:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "1C5AB485-17A4-4525-9D32-8032B0414DB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.6:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "2E86B79A-3574-4A6E-A8C3-1706790709BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.7:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "A8F007EC-A886-4544-9E83-8BABFFE9CA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.8:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "40912236-69A3-4E2D-BD91-217FE52DCFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.9:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "F830CEAC-AA1C-4B64-BFAD-FE9296BEF571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.10:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "AC18C7E1-D808-401F-A97A-9631E35DA7D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.11:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "83A4C949-8A88-48FC-841E-DF9944E7D85D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.2.12:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "09677FA9-1411-4FFF-A5B7-93758B1A455E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "41EC1109-DFE3-4BF5-BE6F-CEBDE78C05D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.0:beta-1:*:*:*:jenkins:*:*",
"matchCriteriaId": "219FDFBE-AEBC-4DFE-AEC0-2E87AEB79BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.0:beta-2:*:*:*:jenkins:*:*",
"matchCriteriaId": "1BA545CA-4F7A-4C86-8AF8-7733F5FD94D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.0:beta-3:*:*:*:jenkins:*:*",
"matchCriteriaId": "3D82424E-26BE-445F-8B98-AC89616CBE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.0:beta-4:*:*:*:jenkins:*:*",
"matchCriteriaId": "5A7D44A1-A926-4321-9B8D-C8A02901C685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "F0C9E21F-B5E8-4072-9405-75E503DAFABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "D77AA97E-55FD-4D7F-86B7-DFAD6C330A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.3:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "FA8DA453-C09F-4745-B056-057EDB7D93DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.4:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "F7B17F60-E1E6-4E5C-B91B-F8CCEDBC1EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.3.5:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "AAFAA96E-76B5-4D11-939C-DBE647200F60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.4.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "DA1B861E-8E14-4B28-9110-790AA5225820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.4.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "0B64FBA4-E28E-4560-922D-EE750EF1A5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.4.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "AA791F81-C8BB-4C76-840C-6A338CD14B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.4.3:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "1BF74B44-160D-4C12-8F42-33320D14F42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.4.4:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "3B043F28-8821-47EA-AA0D-1BABD293B226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.5.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "01D52B58-F3E9-41D3-9F63-FA7FD52D07B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.5.0:beta-1:*:*:*:jenkins:*:*",
"matchCriteriaId": "6284EE03-B9C8-416B-8AFE-E9DF69BBDFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.5.0:beta-2:*:*:*:jenkins:*:*",
"matchCriteriaId": "73C9FBCC-8EA0-4364-A07B-1D3313BD60A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.5.0:beta-3:*:*:*:jenkins:*:*",
"matchCriteriaId": "C74DB2EA-CCB6-4419-9895-9EBAB0B10497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.5.0:beta-4:*:*:*:jenkins:*:*",
"matchCriteriaId": "F6C95AAC-8D8D-4641-984B-03543ACA742A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.5.0:beta-5:*:*:*:jenkins:*:*",
"matchCriteriaId": "95CC9043-A604-4159-B088-144E22FC2692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.5.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "A3691557-61F0-493D-BB07-31DC514AC6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.5.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "62855947-0D7A-43E4-AA13-8ACE828670DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.5.3:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "1F0007C3-E62F-4967-B5D8-D32AD59032DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.6.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "D74818F0-D227-4C20-A00B-98D9F90C0DEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.6.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "849FE2D4-6821-4FB7-A63A-4DB69F5E760D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.6.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "1BA36392-D2A2-48FE-A0DA-F0506B8F4DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.6.2:beta-1:*:*:*:jenkins:*:*",
"matchCriteriaId": "1D7871F7-0464-4FE8-BE25-F1850E50FD34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.6.2:beta-2:*:*:*:jenkins:*:*",
"matchCriteriaId": "1F0491FA-ABC1-4F8A-8EC1-28B6A6DCE98E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.6.4:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "DAF4DF9B-1A13-4E97-8EA7-314920CCFD27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:2.6.5:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "B80C0DD3-D13E-4BE3-A725-D6F30C76539B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "64EB6FCA-F51A-4E19-8295-D33EC3C2F2A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.0:beta-1:*:*:*:jenkins:*:*",
"matchCriteriaId": "F4004DD0-FA0F-496D-B55A-532BC2AC9C4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.0:beta-2:*:*:*:jenkins:*:*",
"matchCriteriaId": "D50CF5BC-9DF3-4470-A251-FB9A293C6474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "FFAE336E-F298-4DFE-A962-E12992F4E261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.2:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "4A9CDB02-9046-4CEB-92DD-A543A9CCD60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.2:beta-1:*:*:*:jenkins:*:*",
"matchCriteriaId": "9CEDCC1A-D893-4BC6-8F76-664E770A7282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.2:beta-2:*:*:*:jenkins:*:*",
"matchCriteriaId": "24FD6C60-A3ED-40D6-A81F-3F0E4B0F565D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.3:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "6EFE4D87-9963-446E-85EC-9FB87D4A62DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.4:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "659C6AE8-7FBA-48CD-B7D7-50775163B920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.0.5:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "8FF05032-310B-4CB7-A658-0D27852A03DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.1.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "71A8E89B-39E9-4B5A-B814-B4981BB158E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.2.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "B9567E6E-50BA-436A-82C8-B59BA8B75F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.3.0:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "7644636A-C6B9-4502-95B6-E7083D62AD35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.3.1:*:*:*:*:jenkins:*:*",
"matchCriteriaId": "7FFA6D47-FC31-4E7D-BACE-8A57BB674AC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.4.0:alpha-1:*:*:*:jenkins:*:*",
"matchCriteriaId": "903074CE-C5D6-4BCF-A7E3-44C490510756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.4.0:alpha-4:*:*:*:jenkins:*:*",
"matchCriteriaId": "AA7E1D39-4A57-4A1D-9D3A-33E48E4C0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:git:3.4.0:beta-1:*:*:*:jenkins:*:*",
"matchCriteriaId": "5D749ADF-C75A-4C90-8735-50E12564838E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server."
},
{
"lang": "es",
"value": "El plugin Git se conecta a un repositorio de Git especificado por el usuario como parte de la validaci\u00f3n de formularios. Un atacante que no tenga acceso directo a Jenkins pero que pueda adivinar un ID de credenciales de nombre de usuario/contrase\u00f1a podr\u00eda enga\u00f1ar a un desarrollador con permisos de configuraci\u00f3n de tareas para que acceda a un enlace con una URL Jenkins manipulada con fines maliciosos, lo que puede provocar que el cliente de Git de Jenkins env\u00ede el nombre de usuario y la contrase\u00f1a a un servidor controlado por el atacante."
}
],
"id": "CVE-2017-1000092",
"lastModified": "2024-11-21T03:04:08.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-05T01:29:03.773",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100435"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2017-07-10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2017-07-10/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.